Insecure Permissions in Agent-Zero Product from Vendor Affecting System Integrity
CVE-2025-55524

7.3HIGH

Key Information:

Vendor: Vendor Unknown
Status: Agent-Zero
Vendor: CVE Published:; 21 August 2025

🔔 Create Vendor Unknown Vulnerability Alert

What is CVE-2025-55524?

Insecure permissions in the Agent-Zero product version 0.8.* can be exploited by attackers to reset the system unexpectedly. This vulnerability can allow unauthorized users to manipulate critical system functions through undefined entry points, compromising the security and stability of the application. It is crucial for users to assess and mitigate potential risks associated with this issue to protect their systems from unauthorized resets and subsequent damage.

References

https://github.com/frdel/agent-zero/blob/v0.8.7/python/ap...

https://github.com/vityuasd/VulList/blob/main/vul_3.md

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2025
Vulnerability Reserved
Aug 13, 2025